DSA-2025-380: Security Update for Dell Integrated System for Microsoft Azure Stack Hub Multiple Third-Party Component Vulnerabilities
Yhteenveto: Dell Integrated System for Microsoft Azure Stack Hub remediation is available for Multiple Third-Party Component Vulnerabilities that could be exploited by malicious users to compromise the affected system. ...
Tämä artikkeli koskee tuotetta
Tämä artikkeli ei koske tuotetta
Tämä artikkeli ei liity tiettyyn tuotteeseen.
Tässä artikkelissa ei yksilöidä kaikkia tuoteversioita.
Vaikutus
High
Tiedot
| Third-party Component | CVEs | More Information |
| Intel 2025.2 IPU | CVE-2025-20109, CVE-2025-20044 | DSA-2025-156 |
| Intel Processors | CVE-2024-33607, CVE-2025-24324, CVE-2025-23241, CVE-2025-24303, CVE-2025-22836, CVE-2025-24484, CVE-2025-22893, CVE-2025-20093, CVE-2025-24325 | DSA-2025-324 |
| Intel 2025.3 IPU for PowerEdge R760 and PowerEdge R660 | CVE-2025-20613, CVE-2025-22853, CVE-2025-21096 | DSA-2025-297 |
| Dell iDRAC9 Arbitrary File Export - Integrated Dell Remote Access Controller 9 | CVE-2025-22397 | DSA-2025-376 |
| iDRAC9 – Information disclosure in a easily decodable format - Integrated Dell Remote Access Controller 9 - Dell Integrated System for Microsoft Azure Stack Hub | CVE-2026-26948, CVE-2026-26945 | DSA-2026-113 |
| Intel IPU INTEL-TA-01234 - PowerEdge Platform (VR Only) - Dell Integrated System for Microsoft Azure Stack Hub | CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027, CVE-2025-20073, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 | DSA-2025-297 |
Tuotteet, joihin asia vaikuttaa, ja tilanteen korjaaminen
| Product | Affected Versions | Remediated Versions | Link |
| Dell Integrated System for Microsoft Azure Stack Hub 16G | Versions prior to 2508 | Version 2508 or later | https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack16g/drivers |
| Dell Integrated System for Microsoft Azure Stack Hub 14G | Versions prior to 2508 | Version 2508 or later | https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack16g/drivers |
| Product | Affected Versions | Remediated Versions | Link |
| Dell Integrated System for Microsoft Azure Stack Hub 16G | Versions prior to 2508 | Version 2508 or later | https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack16g/drivers |
| Dell Integrated System for Microsoft Azure Stack Hub 14G | Versions prior to 2508 | Version 2508 or later | https://www.dell.com/support/product-details/product/cloud-for-microsoft-azure-stack16g/drivers |
Kiertotavat ja lievennyskeinot
| CVE ID | Workaround and Mitigation |
| CVE-2025-2884 | The TPM component used in Azure Stack Hub does not have a mechanism for updates through Hub releases. Customer must contact support to upgrade the TPM on the nodes.
DSA-2025-232 |
Versiohistoria
| Revision | Date | Description |
| 1.0 | 2025-10-13 | Initial Release |
| 2.0 | 2025-11-13 | Added CVE-2025-22397 to the remediated table |
| 3.0 | 2026-03-30 | Added CVE-2026-26948, CVE-2026-26945, CVE-2025-20053, CVE-2025-20613, CVE-2025-21090, CVE-2025-21096, CVE-2025-22853, CVE-2025-24305, CVE-2025-20064, CVE-2025-20105, CVE-2025-20028, CVE-2025-20027, CVE-2025-20073, CVE-2025-20064, CVE-2025-20028, CVE-2025-20027 to the advisory |
Asiaan liittyvät tiedot
Vastuuvapauslauseke
Tuotteet, joihin vaikutus kohdistuu
Integrated System for Microsoft Azure Stack Hub 14G, Integrated System for Microsoft Azure Stack Hub 16GArtikkelin ominaisuudet
Artikkelin numero: 000379435
Artikkelin tyyppi: Dell Security Advisory
Viimeksi muutettu: 30 maalisk. 2026
Etsi vastauksia kysymyksiisi muilta Dell-käyttäjiltä
Tukipalvelut
Tarkista, kuuluuko laitteesi tukipalveluiden piiriin.